Fix client-certificate match if-check

`preg_match` returns `0` if no matches are found, `FALSE` only on error. This means that with the previous check unmatching certificates would not be identified, only when the preg_match itself would error.

Fix client-certificate match if-check
3224e870 · Daan van Renterghem · Thijs Kinkhorst · 3d735912 · 3224e870
Commit 3224e870 authored 10 years ago by Daan van Renterghem Committed by Thijs Kinkhorst 10 years ago
--- a/modules/saml/lib/Message.php
+++ b/modules/saml/lib/Message.php
@@ -621,8 +621,9 @@ class sspmod_saml_Message {
 				/* Extract certificate data (if this is a certificate). */
 				$clientCert = $_SERVER['SSL_CLIENT_CERT'];
 				$pattern = '/^-----BEGIN CERTIFICATE-----([^-]*)^-----END CERTIFICATE-----/m';
-				if (preg_match($pattern, $clientCert, $matches) === FALSE) {
-				    $lastError = 'No valid client certificate provided during TLS Handshake with SP';
+				if (!preg_match($pattern, $clientCert, $matches)) {
+				    $lastError = 'Error while looking for client certificate during TLS handshake with SP, the client certificate does not '
+				                 . 'have the expected structure';
 				    continue;
 				}
 				/* We have a valid client certificate from the browser. */